Make SSH_PORT configurable

Tom Wiesing 2022-11-17 09:43:01 +01:00
parent 2bcd70c1ec
commit 4752c0fcec
No known key found for this signature in database
9 changed files with 25 additions and 7 deletions


@ -68,6 +68,9 @@ type Config struct {
// This variable can be used to determine their length. // This variable can be used to determine their length.
PasswordLength int `env:"PASSWORD_LENGTH" default:"64" parser:"number"` PasswordLength int `env:"PASSWORD_LENGTH" default:"64" parser:"number"`
// Public port to use for the ssh server
PublicSSHPort uint16 `env:"SSH_PORT" default:"2222" parser:"port"`
// A file to be used for global authorized_keys for the ssh server. // A file to be used for global authorized_keys for the ssh server.
GlobalAuthorizedKeysFile string `env:"GLOBAL_AUTHORIZED_KEYS_FILE" default:"/var/www/deploy/authorized_keys" parser:"file"` GlobalAuthorizedKeysFile string `env:"GLOBAL_AUTHORIZED_KEYS_FILE" default:"/var/www/deploy/authorized_keys" parser:"file"`
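Review bot: The comment on `PublicSSHPort` does not say which side of the port mapping it configures. The compose file in this commit maps `${SSH_PORT}:2222`, so only the host-published port changes and the container-side port stays 2222. I would write `// PublicSSHPort is the host port on which the ssh server is published; the container-side port stays 2222.` The Config struct starts and ends outside this hunk.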


@ -58,6 +58,9 @@ PASSWORD_LENGTH=64
# A file to be used for global authorized_keys for the ssh server. # A file to be used for global authorized_keys for the ssh server.
GLOBAL_AUTHORIZED_KEYS_FILE=${AUTHORIZED_KEYS_FILE} GLOBAL_AUTHORIZED_KEYS_FILE=${AUTHORIZED_KEYS_FILE}
# the port to use for the ssh server
SSH_PORT=2222
# The admin user and password of the GraphDB interface, to be used for queries # The admin user and password of the GraphDB interface, to be used for queries
GRAPHDB_ADMIN_USER=${GRAPHDB_ADMIN_USER} GRAPHDB_ADMIN_USER=${GRAPHDB_ADMIN_USER}
GRAPHDB_ADMIN_PASSWORD=${GRAPHDB_ADMIN_PASSWORD} GRAPHDB_ADMIN_PASSWORD=${GRAPHDB_ADMIN_PASSWORD}


@ -3,6 +3,7 @@ package ssh2
import ( import (
"bufio" "bufio"
"io" "io"
"strconv"
"strings" "strings"
"github.com/gliderlabs/ssh" "github.com/gliderlabs/ssh"
@ -34,7 +35,7 @@ is the name of the WissKI you want to you want to connect to.
From a linux (or mac, or windows 11) command line you may use: From a linux (or mac, or windows 11) command line you may use:
ssh -J ${DOMAIN}:2222 www-data@${HOSTNAME} ssh -J ${DOMAIN}:${PORT} www-data@${HOSTNAME}
You may also place the following into your $HOME/.ssh/config file: You may also place the following into your $HOME/.ssh/config file:
@ -44,7 +45,7 @@ Host *.${DOMAIN}
Host ${DOMAIN}.proxy Host ${DOMAIN}.proxy
User www-data User www-data
Hostname ${DOMAIN} Hostname ${DOMAIN}
Port 2222 Port ${PORT}
and then connect simply via: and then connect simply via:
@ -81,6 +82,7 @@ func (ssh2 *SSH2) handleConnection(session ssh.Session) {
{"${SLUG}", slug}, {"${SLUG}", slug},
{"${DOMAIN}", ssh2.Config.DefaultDomain}, {"${DOMAIN}", ssh2.Config.DefaultDomain},
{"${HOSTNAME}", slug + "." + ssh2.Config.DefaultDomain}, {"${HOSTNAME}", slug + "." + ssh2.Config.DefaultDomain},
{"${PORT}", strconv.FormatUint(uint64(ssh2.Config.PublicSSHPort), 10)},
} { } {
banner = strings.ReplaceAll(banner, oldnew[0], oldnew[1]) banner = strings.ReplaceAll(banner, oldnew[0], oldnew[1])
} }
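Review bot: The conversion `strconv.FormatUint(uint64(ssh2.Config.PublicSSHPort), 10)` added to the replacement table in handleConnection is repeated verbatim in the Stack environment map in the other ssh2 file of this commit. A small method on Config that returns the port as a string would keep the banner and the published mapping from drifting apart. handleConnection begins and ends outside the hunk.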


@ -118,10 +118,10 @@ func (ssh2 *SSH2) makeHostKey(io stream.IOStream, key HostKey, path string) erro
// generate and write private key as PEM // generate and write private key as PEM
privateKeyFile, err := ssh2.Environment.Create(path, environment.DefaultFilePerm) privateKeyFile, err := ssh2.Environment.Create(path, environment.DefaultFilePerm)
defer privateKeyFile.Close()
if err != nil { if err != nil {
return err return err
} }
defer privateKeyFile.Close()
return pem.Encode(privateKeyFile, privateKeyPEM) return pem.Encode(privateKeyFile, privateKeyPEM)
} }
@ -228,8 +228,7 @@ func (ek *ed25519HostKey) UnmarshalPEM(block *pem.Block) (err error) {
// store the private key and setup the signer // store the private key and setup the signer
ek.pk = &pk ek.pk = &pk
ek.Signer, err = gossh.NewSignerFromKey(ek.pk) ek.Signer, err = gossh.NewSignerFromKey(ek.pk)
return err
return nil
} }
// //
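Review bot: In makeHostKey the host private key is created with `environment.DefaultFilePerm`, whose value is not visible in this hunk. If it is a general-purpose mode rather than owner-only, the key is readable by other local users, so passing an explicit owner-only mode (0600) here would be safer. The relocated `defer privateKeyFile.Close()` also discards the Close error on a file that was just written, so a failed flush could leave a truncated key while the function returns nil; returning the Close error when `pem.Encode` succeeded would surface that. makeHostKey starts outside the hunk.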


@ -8,3 +8,4 @@ SELF_RESOLVER_BLOCK_FILE=${SELF_RESOLVER_BLOCK_FILE}
DOCKER_NETWORK_NAME=${DOCKER_NETWORK_NAME} DOCKER_NETWORK_NAME=${DOCKER_NETWORK_NAME}
HTTPS_ENABLED=${HTTPS_ENABLED} HTTPS_ENABLED=${HTTPS_ENABLED}
SSH_PORT=${SSH_PORT}


@ -7,7 +7,7 @@ services:
environment: environment:
CONFIG_PATH: ${CONFIG_PATH} CONFIG_PATH: ${CONFIG_PATH}
ports: ports:
- "2222:2222" - "${SSH_PORT}:2222"
volumes: volumes:
- "/var/run/docker.sock:/var/run/docker.sock" - "/var/run/docker.sock:/var/run/docker.sock"
- "${CONFIG_PATH}:${CONFIG_PATH}:ro" - "${CONFIG_PATH}:${CONFIG_PATH}:ro"


@ -3,6 +3,7 @@ package ssh2
import ( import (
"embed" "embed"
"path/filepath" "path/filepath"
"strconv"
"github.com/FAU-CDI/wisski-distillery/internal/bootstrap" "github.com/FAU-CDI/wisski-distillery/internal/bootstrap"
"github.com/FAU-CDI/wisski-distillery/internal/dis/component" "github.com/FAU-CDI/wisski-distillery/internal/dis/component"
@ -33,6 +34,8 @@ func (ssh *SSH2) Stack(env environment.Environment) component.StackWithResources
"GLOBAL_AUTHORIZED_KEYS_FILE": ssh.Config.GlobalAuthorizedKeysFile, "GLOBAL_AUTHORIZED_KEYS_FILE": ssh.Config.GlobalAuthorizedKeysFile,
"SELF_OVERRIDES_FILE": ssh.Config.SelfOverridesFile, "SELF_OVERRIDES_FILE": ssh.Config.SelfOverridesFile,
"SELF_RESOLVER_BLOCK_FILE": ssh.Config.SelfResolverBlockFile, "SELF_RESOLVER_BLOCK_FILE": ssh.Config.SelfResolverBlockFile,
"SSH_PORT": strconv.FormatUint(uint64(ssh.Config.PublicSSHPort), 10),
}, },
CopyContextFiles: []string{bootstrap.Executable}, CopyContextFiles: []string{bootstrap.Executable},


@ -46,6 +46,7 @@ var knownParsers map[string]Parser[any] = map[string]Parser[any]{
"domain": asGenericParser(ParseValidDomain), "domain": asGenericParser(ParseValidDomain),
"domains": asGenericParser(ParseValidDomains), "domains": asGenericParser(ParseValidDomains),
"number": asGenericParser(ParseNumber), "number": asGenericParser(ParseNumber),
"port": asGenericParser(ParsePort),
"https_url": asGenericParser(ParseHttpsURL), "https_url": asGenericParser(ParseHttpsURL),
"slug": asGenericParser(ParseSlug), "slug": asGenericParser(ParseSlug),
"file": asGenericParser(ParseFile), "file": asGenericParser(ParseFile),


@ -76,6 +76,12 @@ func ParseNumber(env environment.Environment, s string) (int, error) {
return int(value), err return int(value), err
} }
// ParsePort parses s as a port
func ParsePort(env environment.Environment, s string) (uint16, error) {
value, err := strconv.ParseUint(s, 10, 16)
return uint16(value), err
}
// ParseHttpsURL parses a string into a url that starts with 'https://' // ParseHttpsURL parses a string into a url that starts with 'https://'
func ParseHttpsURL(env environment.Environment, s string) (*url.URL, error) { func ParseHttpsURL(env environment.Environment, s string) (*url.URL, error) {
url, err := url.Parse(s) url, err := url.Parse(s)
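Review bot: ParsePort accepts `0`, because `strconv.ParseUint(s, 10, 16)` only bounds the value to 0–65535. That value flows into the compose mapping `"${SSH_PORT}:2222"` and into the `${PORT}` shown in the ssh banner, where 0 is not a usable port; Docker would likely pick an ephemeral host port while the banner advertises port 0. I would reject it in the parser, e.g. `if err == nil && value == 0 { err = errors.New("port must be between 1 and 65535") }`, using whichever error constructor the file already imports. The doc comment could state the range as well: `// ParsePort parses s as a TCP port number in the range 1-65535.`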